e61e75f6c4444054c56684e327b65713a35a4689674f03825e9bafcd2da56bae

Analysis

max time kernel
118s
max time network
127s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
19/09/2024, 00:30

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

ea419e5bb98df6b39d9192b4ee066e34_JaffaCakes118.html
Size

461KB
MD5

ea419e5bb98df6b39d9192b4ee066e34
SHA1

3853684397413bc7ea16722f373bb1588e3bb381
SHA256

e61e75f6c4444054c56684e327b65713a35a4689674f03825e9bafcd2da56bae
SHA512

a5e7bbaf6f02016530fef58f4d3aa708c45ad3099d4848f542e5c2e7aca097e0a9670abe9e2e31114a1ee980ef8ff6471f602278945c446a75b4f7f001609fed
SSDEEP

6144:SXsMYod+X3oI+YNYsMYod+X3oI+YMsMYod+X3oI+YLsMYod+X3oI+YQ:k5d+X3O5d+X3c5d+X315d+X3+

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004961a9603b5d8740891a04601e8b8fb90000000002000000000010660000000100002000000083076ced6649488c239d9b2ec36a4632af6979065a19f4bcf3f573ef2bd48abb000000000e8000000002000020000000096e352f9feaaf3e28604500bda361f7d37ccc484f6fbc20d1559b96a08275be9000000073330331fc47ed438480108e0a4f598bce2e4ecb18a70ca4fd58313288fc005e3e7709a7987c05d6bdcff6841292a5604d6edfe26c3a76c38967570a779eb96970e6f115b82d8460c0d3ea1a2ab657a77a538e2d502c2a72457e0cc4003ba604eace48165fe57ec1c36dd743f61665586f36fddbba4e228792cced2994d53017e12404ff4db7451922165f97970c61c84000000078f3cea1727b77d555e2372e16b0f50de7660f1541e67c2f3495d22ec2cf07f389f3ac571fc39bfc4e40e4ce516420f068ed9fb710b363c52bc9bd68b9ec71dd	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "432867694"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{5E2BD4D1-761E-11EF-B81F-6A951C293183} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004961a9603b5d8740891a04601e8b8fb900000000020000000000106600000001000020000000f492606d8fc9c92710ebfba1eadf863da23aa56b6e252ca73760d979226e0801000000000e80000000020000200000000dcbd58878e11b4a1ffb462405130581cd1595c141231e3b5e5c7a2b66d2dd1320000000be348867d1af2a3c3efd232181273d098724bd8a5af96b6bd27e1ca96df4939b40000000f6615f8ab2bbb55de0e54bf0c7a051fb72ddb01e2a5af64ea54c4e37b0b6e588f3fad00f49f4cc925ba24d2d1fb24c0403a44ecbcb5ef59bf493cf3eebe4b2c3	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 00143d382b0adb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2112	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2112	iexplore.exe
2112	iexplore.exe
1916	IEXPLORE.EXE
1916	IEXPLORE.EXE
1916	IEXPLORE.EXE
1916	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2112 wrote to memory of 1916	2112	iexplore.exe	30
PID 2112 wrote to memory of 1916	2112	iexplore.exe	30
PID 2112 wrote to memory of 1916	2112	iexplore.exe	30
PID 2112 wrote to memory of 1916	2112	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ea419e5bb98df6b39d9192b4ee066e34_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2112
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:1916

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5b77b3d0757d970b7388563b90438107

SHA1
fbd065a9408aea37d9776af5196ddea6afcaedbf

SHA256
ef6eae0c952ce72806b7b0e31e9af10aa0d20be3fe4e57ca333a9431e3d48376

SHA512
50a01efe9e3fbec08f69071f2d3cd626bc17156dae896ecbfbe9bbc9f078c3c9a24409514155d504e7dbafea8dae895e074c624ffbaf3b1ffc73d94007e5d691

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a255b65c82914c3351a7c5fcbe449024

SHA1
fe13334eb8a764ba65f01cbf979ddcce3f5049a9

SHA256
855681603fea5641279485f1ba7e033b0e4a940abc811261d9c50008cd91a102

SHA512
0782bcdd9ac2e81a22918d302564c93c0df0d93b6db7d9bf4291faa44ef845e95caa4f67681fe6563c06accb33d31d3d7fa9f4069f70ea6d38df5ea78537be3f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d1364c51a333b2b44e30fa66d2029bf2

SHA1
ed0e59a92fcb544f49342f483ab79b97993f1748

SHA256
16132c67f8dd19d9d8fb07339be371823ee10c8faf4d77a2ef7b05bbcd175a84

SHA512
2d90b26a221fac647c9b1b85dfe77bddb3ccc5d22c48091469b9c2ca8aa651867bddfe47fe3a773021ec464606fc7b8051a68125d27ceba1612819f87903d1b5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4fee323b2ef1dc2a2bc789c13fc062f8

SHA1
5fc6d738e4803d857f724863f5508c70f17bd5ca

SHA256
b7d7fcf1b403f678dda5ef8b41efe72e4598fa1371af38b16c3f6b47aac073e1

SHA512
76f5263af53fe3e56c6e1619372a3e1e17e412c35ee4aaf35f3e1d178e3203da0dc9f762e45b7c07228166c0c87dd517881b53275b8c21cb6db88e32a3b39509

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
218dc2dadf199ab3652b0ca73a1180a0

SHA1
9f43149d8e25dc9ca39d6254bfea31d97cfc6e78

SHA256
9c86e407fab4ad5d3494bf98a6099546fe1eaad2199ed179de92bde0ce57d5c3

SHA512
398310292c748ba9a37b8646d5cee67423d0d4cc00cbaaf64387db6bc414d21636824e21e4c864a65e1041065ddba001477aab858bd093036311ad08454cf843

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
cc9600c91fde2cd062f4d971f44f949f

SHA1
f4ac43ec764f3f286cead391d0d88dfca87a89c9

SHA256
20fd99916587c796e0ccbcf2f590ca1e35c0e16b7338b72b6c3a2c72183c4cf5

SHA512
dae9e4c3241b113260db2bdf4da5caca12af9abbb5702f4ae0db3b041ba49952baf451597235f670af73dec9b3e368413f9b956e6fd6969fa363d451f034bb6e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
41a91873fc15c1e349726325956ed29f

SHA1
ebd9e8b8d4cd69c70ee4523af512c8b1bcc9209c

SHA256
7c8239ff66caee3053bbe34816e3dc15ca5808868679e2c6b452336e72a1361e

SHA512
c320306a848d8ec6d6d3e183b9b844b5c9cdd3bab1d24012679e9b7d2b8964a5529ffd15026af8f3c7bdf9ac2fb850e311e3615a87c7f0f972fa8923b5f780d1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ffc3211e275dd8c5eec65eb67cd35b8b

SHA1
030d333142eff543d8028ceed2081ec5a3952f3f

SHA256
1a3e0416a32bebf781eff7dfbdfbba1c11633b3836e275046bf733e33d114720

SHA512
8a6e5050e563429ddeadbcd8dfc63b00886c4b5fe99f0a0eb88c9c0094b2581d53cb5c475d4835dd6c47dbf8b01e33177350c95098688e8a3bbc4781aac708fa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
51b4309dabe5cfbcbd0904de12ed04a6

SHA1
bb286b267fe3d6f20e68717a7fa0d1f50fb8423d

SHA256
6bcdf6d7f0a15e42b1b45eaa8e5e7f3bbbc83aa1532a351fbc2664dc1275a734

SHA512
64cf9cad1851dcec0adc2ea47f8dc474a936688b2af1642bc3394d52a5809bd526655430866e425cd61140e437b546b0c13c25c211ba70bf5051f07c7d5ae5d5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c77e47b61c4306ec93e240c554eaf8bb

SHA1
82c5adb716c05d30e985e2ed68898462ffac2d5a

SHA256
8ee69a516deabb31606c832df74da5e8e450826a4fe59787d5f482818ca35d62

SHA512
39e025c6985c92ac65bba8651e6169b9db2b3e2c8afaee212ca984b43a3d12adb14ee7f3576bfdb2b34e2ca0131879651dba162286a30a0032bf919289241151

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0fbae8326df4e5c095dba9fc18d64717

SHA1
7968512dd8df13c8b1fa3f4458550ab5916cfed7

SHA256
b0fe04b94554c6518d8dd78e49af529f5bd1eb61c6427913d53f3f5b331fff42

SHA512
04393b502ae808943245d46012cdd7af8bb76494a617df549679abf0b63e114d9ffce063ddff0c9f13f796d41886b9bcb3d30307b260194363fe9c2c6d4979a1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3bdd63e8e082bedbe8b74f265ff23ba6

SHA1
524ec16c33cc4bb7a478d63c771c0181de7669e6

SHA256
51941abc139d8cf1892d61c0b4bcc3be69c6a8fd86b86d8074f5076eac504240

SHA512
20b1df667b557f6080f2202a0f2c94fa25921a9e49f1b037efdcbee5ebb822bbf5ae33930e8921292638df3914536eb121669aabf4f476a751ab8d9fca390108

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
89d9884594fddf0e6e9928b16a8096d4

SHA1
b1172e30c97c1ae83dbba6dc04e519e1476ad4db

SHA256
fa73ce7eb9c8ac9485ff41f0a3609c00138c5596bdf9efb3dae6bbecb63c4a19

SHA512
0f9bb482b75cab0255611d309eae4867ea823bc7ef3ff6f321f24a185ede13ef5e0d460dce140d517040c55fab9afb6fd3e4ce6ef8ad137978b6d32979d8e783

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
de982d6cfd32006b5ff608619e5294f7

SHA1
db67bfd4ba4d8690e7ce419051e4ae7da9da782a

SHA256
14438186041c69f6c1d8d273b7e588b1ee8b30147ce67e4671489cb9b038d146

SHA512
1cb44aa46541210f7dccfba4a9c9eaf6b0c6e630b22e501eb0ed26399d986d36223c27618dd53c1c88adccf53a68668ae337f9d956af5a0cf0ea61cae779a367

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
03ff9bda78601630d60dbb78f16e44c5

SHA1
cf3a7b074b89f5cbadb836d8849de9b412471410

SHA256
a308965985be514ee37d9f8e4feaf2f856aba355e9a381a41afb2569d2a37f9b

SHA512
195e6320a4a46508ebd9addf0a1060ba03126bd2e77796fa299dd6e6e18d2a6415ee5f820f4d2fb6935fa9a41c2bd26ec62f617575e58165ca95b734b9c905b0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
44e1c616db55f27b562daa54869bf9b4

SHA1
5c20b5a71e41a5976d8ec035d0dfe70ff5ff4ee7

SHA256
0fe2bcf25fa9dd069fa46db7b3ba4ebccba4f7b7ea01c160056e2d77bb75d9f5

SHA512
e5fb1c98d885e691d5f37b18b4bfc1e1e5e95df591c461d37f5642ffa6ac79a66d602fa2f3917054da885de910ae55506c6eb16a0da34eb95b47bba48ebea4d8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
47f4585475ec6afe256a92cf1f7c02c6

SHA1
fd3595f0396e40c703a3d1d486e9917da1c8eede

SHA256
ec90d9ab41fa29270a349ac61ab659ec651cd20d28168cebc3571f7c334dae69

SHA512
454ddc210a42578173dcd1d040e807f96d1ad7970946527811f538cd9ebe712999d3b81f7389662ace5ba8719ae7e9b2344273aaa893c36ee8b886f5b0b27860

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabE32F.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarE3A1.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit